maria-discuss team mailing list archive

[Jeff Dyke <jeff.dyke@xxxxxxxxx>]

Reindl's (funny) comments aside.  Why still use phpMyAdmin in this day and
age.  Nearly every maria/percona/mysql client supports ssh tunneling.
SequelPro on Mac, Heidi (or others) on Windows, and any windows client
running through wine if your desktop/laptop is linux.  Also developers can
just use intellij or similar IDE's that have a database pane.

Trusting administration to an exposed phpMyAdmin in this day and age
frightens me greatly.  Also if you had an HIDS server running to track bad
phpMyAdmin logins i bet there would be a ton of alerts.  I've blocked all
such attempts in my IPS even though i don't have phpMyAdmin.

I realize this does not answer your question, but if this fits into your
architecture i'd say good by to that web interface.

my $.02

On Wed, Apr 17, 2019 at 10:54 AM Reindl Harald <h.reindl@xxxxxxxxxxxxx>
wrote:

>
>
> Am 17.04.19 um 16:50 schrieb Turritopsis Dohrnii Teo En Ming:
> > Subject/Topic: How do I determine if versions of phpMyAdmin before 4.8.5
> is SQL Injectable using sqlmap?
>
> frankly are you drunken?
>
> you posted this exactly same message to
>
> * phpmyadmin list TWICE
> * oracle mysql list
> * now mariadb list
>
> i seriously looked if my mailserver has a problem - stop it damned!
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~maria-discuss
> Post to     : maria-discuss@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~maria-discuss
> More help   : https://help.launchpad.net/ListHelp
>